tag:blogger.com,1999:blog-1782534239117433762.post4689673705277939860..comments2017-07-13T00:26:40.896-07:00Comments on Matt on ... Whatever: Manage stock Windows AMIs with Ansible (part 2)Matt Davisnoreply@blogger.comBlogger1125tag:blogger.com,1999:blog-1782534239117433762.post-42298362712630317592017-04-23T14:36:59.424-07:002017-04-23T14:36:59.424-07:00Hi Matt,
Thanks for you blog. This is awesome. ...Hi Matt,<br /><br />Thanks for you blog. This is awesome. I was dreading the idea of writing a bunch of bash awscli or boto scripts to manage a provision and configure a series of Windows hosts for our mixed Linux / Windows environment. For Linux, I&#39;ve been using user_data and ansible pull to bootstrap my instances. But I don&#39;t think that strategy would work for windows for all sorts of reasons.<br /><br />I had experience using winRM and Ansible in a private network and found it incredibly useful. Until I read your blog, I didn&#39;t know an effective way to get the instances bootstrapped and winrm / ansible ready.<br /><br />From you blog I learned how to use ec2.py, user_data in windows, and of course some more anisble playbook techniques.<br /><br />If I may suggest an enhancement , as you pointed out, the Administrator passed into user_data is available for anyone on the host to see. So, how about: <br />add an entry to your secret.yml :<br /><br />win_permanent_password: AStrongPassword<br /><br />then add a task to playbook:<br /><br />- name: Ensure user bob is present<br /> win_user:<br /> name: Administrator<br /> password: {{ win_permanent_password }}<br /> state: present<br /><br />All Playbooks executed subsequently of course will need to use {{ win_permanent_password }}... <br /><br />Thanks againDavid Hallhttps://www.blogger.com/profile/16820641247883090984noreply@blogger.com